You can use the SMC to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
Reports are summaries of logs and statistics that allow you to combine large amounts of data into an easily viewable form.
There are various tools you can use to focus the scope of your Reports.
Before setting up Forcepoint Next Generation Firewall (Forcepoint NGFW), it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different SMC components should be positioned and deployed.
After deploying the SMC components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can monitor Forcepoint NGFW components and view system summaries in the Management Client.
The SMC can be configured to log and monitor other manufacturers’ devices in much the same way as SMC components are monitored.
You can view log, alert, and audit entries through the log browsing views. You can view data from SMC servers, all types of engines, and from third-party components that are configured to send data to the SMC.
The Management Client provides extensive reporting tools for generating reports on information stored in the SMC. The summaries that make up the reports can be illustrated with different types of charts and tables.
Filters are the main tool for increasing the granularity of reports.
If there are administrative Domains configured, the reports are Domain-specific.
While other reports are based on logs and statistics, the System Report is based on information collected from the Management Server’s configuration database and audit logs.
Report Designs determine how to process the data and how the results are displayed.
Reports are generated from the Report Designs that are under the Reports tree of the Monitoring Configuration view.
You can export PDF, HTML, and text reports manually for previously generated reports or automatically when generating the report.
The example illustrates a common use for reports and general steps on how the scenario in question is configured.
Filters allow you to select data based on values that it contains. Most frequently, you use filters when viewing logs, but filters can also be used for other tasks, such as exporting logs and selecting data for reports.
Diagrams allow you to visualize your network security environment.
When suspicious activity is detected, it is important to collect information about the incident and act quickly. The Incident Case element is a tool for investigating incidents of suspicious activity.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
Security Management Center (SMC) configuration allows you to customize how the SMC components work.
You can create and modify Firewalls, IPS engines, Layer 2 Firewalls, Master NGFW Engines and Virtual NGFW Engines. You can configure the engine properties, activate optional features, and configure advanced engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Forcepoint NGFW in the Firewall/VPN role or external authentication servers to authenticate users.
Forcepoint NGFW supports both policy-based and route-based VPNs (virtual private networks).
Maintenance includes procedures that you do not typically need to do frequently.
Troubleshooting helps you resolve common problems in the Forcepoint NGFW and SMC.